Documente Academic
Documente Profesional
Documente Cultură
A Thesis Submitted
In Partial Fulfillment of the Requirements
for the Degree of
MASTER OF TECHNOLOGY
in
Computer Science and Engineering
by
UTTAM UPADHYAY
(1709110504)
to the
June, 2019
DECLARATION
I hereby declare that the work presented in this report entitled “SECURE
APPROACH”, was carried out by me. I have not submitted the matter embodied in
this report for the award of any other degree or diploma of any other University or
Institute.
I have given due credit to the original authors/sources for all the words, ideas,
diagrams, graphics, computer programs, experiments, results, that are not my original
contribution. I have used quotation marks to identify verbatim sentences and given
I affirm that no portion of my work is plagiarized, and the experiments and results
reported in the report are not manipulated. In the event of a complaint of plagiarism
and the manipulation of the experiments and results, I shall be fully responsible and
answerable
ii
CERTIFICATE
Date: Date:
iii
SECURE MIGRATION OF MOBILE AGENT USING AES & SECRET
SHARING APPROACH
UTTAM UPADHYAY
ABSTRACT
A free portable agent is an executing program that can move from machine to machine
in a heterogeneous framework under its own one of a kind control. An operator can
either seek after a pre-doled out route on the framework or choose its motivation reliant
on the data accumulated from the framework. Offices for exceptionally special
improvement of code and data engage a program to take favored position of the locale
of data. It furthermore empowers one to progress between the necessities of low
information move limit, high inertness and withdrew orchestrate affiliations.
This computing model which exploits code, information and state versatility raises
numerous new security issues, which are very unique in relation to regular
customer/server frameworks. Agent servers which give an execution domain to the
operators to execute can be assaulted by pernicious operators. Essentially agents could
be conveying touchy data about their proprietors and ought to be shielded from altering
by pernicious hosts. Likewise, the information gathered by the agents from one host
ought to be shielded from altering by another host in the schedule.
In this report, I examine the various security issues that arise in mobile agents in
general with special reference to data collection agents. In this thesis we use AES
(Advanced Encryption Standard) and Shamir‟s secret sharing approach to provide the
security of mobile agents during the migration process. Advanced encryption standard
(AES) algorithmic rule is one on the foremost common and wide parallel block cipher
algorithmic rule employed in worldwide. This algorithmic rule has Associate in
Nursing own specific structure to encipher and decode sensitive knowledge and is
applied in hardware and code everywhere the planet. It’s very tough to hackers to urge
the real knowledge once encrypting by AES algorithmic rule. Until date isn't any proof
to creak this algorithmic rule. Second approach which we use for providing security to
mobile agent is Shamir‟s secret sharing; this technique is used for hiding a secret which
is needed in many situations. One possibly ought to hide a password, an encryption
Key, a secret formula, and etc. data is secured with encryption, however the
requirement to secure the secret key used for such encryption is important too.
Consider, we tend to cypher our necessary files with one secret key and if that secret
key is lost then all the necessary files are going to be inaccessible. Thus, secure and
economical key management mechanisms are needed. One of them is secret sharing
theme (SSS) that enables to separate the key into many shares which is able to get
distributed to any or all the participants. the key are often recovered once these parties
collaborate in some way. This survey paper can study these schemes and make a case
for the requirement for the key sharing and their security.
iv
ACKNOWLEDGEMENTS
The Thesis has proved to be a very helpful and versatile platform to increase my knowledge
and empower me with a better understanding of concepts in the real world scenario. My work
completed successfully. Thanks to the supportive staff and friends.
However, I wish to make special mention of the following. First of all I am thankful to my
thesis supervisor Mr. Pradeep Kumar, Assistant Professor, Department of Computer
Science and Engineering, JSS Academy of Technical Education, Noida under whose
guidelines I completed my dissertation. I am wholeheartedly thankful to him for giving me
his valuable time, attention & for providing me a systematic way for completing my
dissertation in time.
I would also like to thank my Co-supervisor Mrs. Deepti Aggarwal, Assistant Professor,
Department of Computer Science and Engineering, JSS Academy of Technical Education,
Noida for encouraging and inspiring me to carry out the project.
I would also like to thank my M. Tech thesis coordinator Ms. Sonali Mathur for providing
the important information regarding the thesis work.
I also do not want to miss the opportunity to acknowledge the contribution of all faculty
members of the department for their kind assistance and cooperation during the development
of the project, in general, for extending a helping hand at every juncture of need.
Finally, I would like to thank my classmates for productive discussions and their help.
UTTAM UPADHYAY
v
TABLE OF CONTENTS
.
Page No.
Declaration ii
Certificate iii
Abstract iv
Acknowledgment vi
Table of content vii
List of Tables x
List of Figure xi
List of Abbreviations x
.1.1 OVERVIEW 1
2.1 INTRODUCTION 17
3.1 INTRODUCTION 29
4.1 INTRODUCTION 31
vi
4.3 USED TECHNOLOGY 31
5.1 INTRODUCTION 34
5.7 SUMMARY 45
6.1 INTRODUCTION 47
7.1 INTRODUCTION 49
7.2 ENCRYPTION 49
7.3 DECRYPTION 52
CHAPTER 9: CONCLUSION 64
REFERENCES 67
LIST OF PUBLICATIONS 68
Curriculum Vitae 69
UTTAM UPADHYAY
Enrollment No: 1709110504
vii
LIST OF TABLES
viii
LIST OF FIGURES
ix
List of Abbreviations
MA Mobile Agent
WANET Wireless Ad-hoc Network
WSN Wireless Sensor Network
DoS Denial of Service
OSI Open System Infrastructure
AES Advance Encryption Standard
ASDK Agent Software Development Kit
JADE Java Agent Development Environment
SSL Secure Socket Layer
EEOS Extend Elementary Object System
ERC Extend Root Canal
AMS Agent Management System
ACC Agent Communicational Channel
JVM Java Virtual Machine
SSSS Shamir’s Secret Sharing Scheme
x
CHAPTER 1
INTRODUCTION
1.1 OVERVIEW
Consistently, PCs have created from enormous strong contraptions with by no
memory to client server conditions that license eccentric and moved kinds of scattered
preparing. From remote work entry terminals to Java applets, from attractive tapes to
passed on databases, distinctive compelled sorts of code and data flexibility have reliably
existed. Versatile Agent is a progressing figuring perspective which empowers all out
conveys ability of working together applications to supporting stages to outline a vaguely
coupled dispersed structure.
Mobile Agents have numerous points of interest. They can move from solicitation
Agents to organizations Agents through the system continuously, so Agents require low
transmission limit and can use these advantages sufficiently. Therefore, Agents have less
subject to data transmission in the entire Agents framework. Portable Agents needn't bother
1
with a brought together booking. Adaptable Agents which made by customers can execute
from host to have non concurrently. They will send back the result to the customers in the
wake of completing the endeavor. To complete a task, customers can make a couple of
Agents running on a couple of hosts. These Agents can execute the undertaking in parallel.
Other than those characters referenced above, versatile Agents moreover have the
characters of development self-administering and shrewd steering.
Mobile Agents are programming modules that move from stage to stage with its
own information and code. In the wake of coming to goal, the undertakings are executed in
the manner they are intended to be. Mobile Agents speak with one another when they move
inside the environment on a similar system. An agent platform incorporate the
administrations, for example, the ability for a specialist to bring forth or make new
specialists, end any produced specialists, clone itself, find different operators at stage or at
another stage, move itself on another stage and send messages to different agents. Fig. 1.1
represents the communication between agents.
2
In my work, I will utilize a basic methodology for security reason. It will incorporate
Agents, and Agent's Platform. We accepted specialists as an accumulation of program,
control data and certainties which is conveyed amid execution on hosts they visit or dwell.
For specialist stages, we have expected that it is the condition where the agents live and
execute. The phase where operators are instated is known as the home stage. This is the
most trustful and relentless stage. Mobile agents give us the benefit of making conveyed
applications. These applications bring about defeating system idleness, decrease of system
load, separated activities and quicker collaboration. As Mobile agents move starting with
one stage then onto the next for their execution, they are helpful if there should arise an
occurrence of utilizations that recover data from disseminated conditions. A few people
utilize Mobile agents to handle with their dull and tedious employments.
3
Application Application
OS OS
Communication
Framework
Self-governing: Mobile agents ought to have the option to act as indicated by their
condition. They should have fundamental management ability, i.e. where to go, when to go
and what to do. They should be prepared to monitor their state and information.
4
Proxy: once in a while mobile agents go about as another person for specific advantage.
Portability: It is the most significant key element of mobile agent. Mobile agent ought to
have the option to hold it starting with one stage then the next stage in a dynamic system.
Knowledgeable: Mobile agents are fit for taking choice due to regress learning.
Aggressive: Mobile agents should be willing to react to the network and should therefore
be goal-oriented.
Disconnected application: portable agents should have the capacity to work without
system connection.
Research: Mobile agents ought to be able to amass learning. It is useful if a decision event
should occur. In mobile agents’ innovation, the information is dealt with locally Instead of
exchanging Information over system. Thus they reduce network traffic which is significant
for immense volume of information progressively frameworks.
In this section, I give a couple of uses of versatile operators and show how they
offer a beneficial and gainful framework for arranging circulated applications.
5
Information Intensive Operations:
Versatile Agents can be effectively used when a customer with explicit needs to use
a great deal of data arranged at a remote site. For example, a customer should need to check
the occasions of the word, 'Hindu', in all of the postings of soc.culture.indian newsgroup.
This need is unquestionable and it is doubtful that any specialist co-op will have a moment
application thus. Moreover, trading all of the postings of the particular newsgroup, to the
area site may not be valuable. In this circumstance, a specialist changed for the specific task
can be passed on. Significant hold assets in exchange speed can be cultivated with by no
application support from the server.
Detached Operations:
Portable specialists are particularly useful when backing for isolated exercises is
required. Mechanical assemblies like cellphones and PDAs could be related with the
system through remote associations. They can release a specialist altered to finish a
particular endeavor into the framework and disengage themselves from the framework. The
operator can complete its task freely and believe that the contraption will interface again to
pass on the results.
An affiliation may have numerous PCs or PDAs which ought to be orchestrated with
another adjustment of programming. A portable specialist can be sent with the arrangement
reason to all of these contraptions. No novel assistance (then again, actually of a specialist
execution condition) is required on these devices. Another likelihood is to have these
contraptions send specialists that trust that entrancing events will happen at the remote
server. For example, a specialist can be sent to prompt a customer through his cellphone at
whatever point there is a monetary trade crash.
There are set of occasions that a mobile agent can have amid its lifetime which
finishes the mobile agent model. Basic occasions of mobile agent are as Follows:
6
Creation: formation of an agent legitimately Corresponds to an item's constructor.
Occasion handler is in charge of introducing the condition of operator. Further the occasion
handler will likewise set up the agent for more directions that will go do.
Deletion: Deletion of an agent is Similar to the article's decimation. Every assets which are
being utilized by agent ought to be sans set by the occasion handler amid this occasion.
Convey: Conveying the agent implies Sending sign to get ready for leaving present area
and heading off to a most recent one. This occasion can be instated by whatever other agent
who needs that agent to move structure that area or agent itself can likewise start expressly
by a move demand.
Arrival: Here the relocated agent sends signals that it has landed at new area effectively
and execution of obligations has been begun.
7
Active
Creating Running
Te
nd
rm
s pe
in
Su
at
e
Deleting
Terminate
Suspend
Resume
Dispatch
Resuming
If there should arise an occurrence of incredible development of compact operators, all its
code, data and condition are exposed to the convenient specialist stage where it moves for
application usage Because of this versatile errant, the wellbeing perils are increasingly
genuine. Following are doable vindictive stage assaults:
Changing the Code of the Mobile Agent: Since a visitor framework needs to peruse the
code of the compact specialist, this pernicious framework can peruse and recall bearings
that will be performed dependent on that comprehension to gather the rest of the program.
Thusly, the stage knows the versatile specialist's methodology and reason. On the off
chance that versatile gadgets are delivered from regular development obstructs, the
pernicious framework comprehends a full picture of the compact specialist's direct, finding
the physical location and being set up to access its code stockpiling to change its code
8
either quickly or through infection presentation. It might even immediately change code,
perform it, and in conclusion restart beginning code before leaving the versatile operator.
Change the data of the Mobile Agent: There are many sensitive information such as
safety buttons, digital cash, and personal safety numbers that trigger information leakage or
loss of money. If the malicious device receives to understand the initial place of the
information, it can alter the information according to the chip. The above tasks could have
severe consequences. Even if data is not sensitive, malicious platform can attack and leak to
someone on normal data such as traveling person data.
Denial of Services: This assault leads the portable officer to lose some decent opportunities
if the officer can finish their implementation on that platform in moment and move to some
other platform. DoS allows the portable officer transfer not to be performed and locations it
with gaps in the waiting list.
Modify a mobile agent's interaction with other parties: Here, malignant framework
spies on the correspondence of a versatile official with different sides, for example, other
official or different frameworks. This adds to the expulsion of classified information from
portable specialists and outsiders. It can even exchange the connection substance and
uncover itself as a feature of association, guiding the collaboration to another surprising
outsider. It would thus be able to complete assaults on versatile operators just as outsiders.
1.2.6 Comparing Client Server Model with Mobile Agent Based Communication
The communication in Client server and Mobile agent based environment is shown below
fig 1.4:
9
Computer 2
Computer 1
Communication
Server Program
Client Program
Network
Agent Migration
Computer 2
Computer 1
Network
1. On the server runs a large portion of the application. The client will therefore use
resources on an ongoing basis. This may lead to a resource congestion condition.
10
2. Due to the lack of compatibility of development tools, composite methods are needed for
back-end and front-end procedures.
3. Some operating systems on the network are not very scalable. So there's a scalability
shortage.
4. There is total server dependence to satisfy the request. The client cannot fulfill his
request when the server goes down.
Less bandwidth: Mobile agents do not require a large bandwidth because bandwidth is
only required when the agent migrates from one location to another.
Support dynamic environment: In Java, mobile agents are being developed. Java is
independent from the platform due to its byte code. That means it is network- and
computer-independent as byte code can run on any system installed with JVM.
Efficiency: Mobile agents require less network resource because movement is from
computing to data rather than computing data. It therefore increases efficiency.
11
Fault Compassion and Robustness: The officers can respond dynamically depending on
the scenario. As a consequence, it boosts tolerance of faults in extremely complicated
distributed structures.
Dangers in versatile programming plans can be generally ordered as: dangers from a
specialist assaulting an operator stage, an operator stage assaulting an official, and an
operator assaulting another specialist on the specialist stage. Different components and
results of these dangers are tended to in detail in the accompanying parts.
1.2.8 Platform-to-agent
This classification speaks to the threat class in which hosts are trading off the
specialists. Disguising, forswearing of administration, listening in, and change are among
the dangers. These assaults are the hardest to distinguish and avert as the host has full
authority over the code and information of the specialists.
1.2.9 Agent-to-platform
This class reflects the number of risks that officials take benefit of the safety faults
of an officer system or perform assaults on an agent platform. Executing programs from
possibly untrusted sources often needs an agent platform.
1.2.10 Agent-to-Agent
This classification speaks to the arrangement of assaults where specialists exploit different
operators ' security shortcomings or dispatch assaults on different specialists. These dangers
additionally incorporate disguising, administration forswearing, unapproved access and
revocation.
Envision that you were given the assignment of discovering the normal
compensation of a room brimming with profoundly fruitful individuals from N. The
12
apparent way to do this is to summarize all the employees ' wages and average the room's
complete amount of people. The issue is that since these statistics are extremely secret and
delicate, none of the people want their monthly earnings to be disclosed.
This is a pragmatic answer. This new worth is to be passed on to Person B, who will
at that point add possess pay to Person's another worth. Presently, Person B doesn't have
even an inkling how much the pay of Person An is on the grounds that the individual
doesn't have the foggiest idea what irregular number [α] Person A has picked.
The procedure proceeds until the last individual in the room, Person N, gets the new
incentive from the second-to-keep going individual, Person N - 1. Individual N continues
adding to his or her pay, and the last worth, say[ β], is then passed back to individual A. At
this stage, individual A just needs to deduct[ α] from[ β] (on the grounds that solitary the
person knows what[ α] is), and normal this sub-aggregate over the quantity of individuals in
the room, N. Along these lines, it is conceivable to acquire the normal compensation in the
room with no individual revealing their pay.
Consider another example of secret sharing. It takes three keys to open a bank vault
in a highly secured bank. Key holders have already been designated as two of the top
hierarchy of the bank. But strict financial regulations state that, for fear of corruption, no
one should be in full possession of the three keys. It would be the logical partition to split
the keys between these two staff. This is a conundrum, as both need equal authority over
the safeguarding of the vault of the bank.
Adi Shamir and George Blakley designed the procedure of sharing privileged insights (or
part insider facts) in 1979. In this proposal, Shamir's Secret Sharing Scheme is
fundamentally examined as one of the most outstanding and prevailing mystery sharing
plans.
13
1.3.1 Shamir’s Secret Sharing Procedure
Shamir's Secret Sharing Approach includes the general portion of stocks to different
respondents where every part has an unmistakable offer a few or the majority of the parts
are required to redo the mystery. Since reconstructing the secret by gathering all the
participants may be impractical, this formulates the threshold scheme where there are
sufficient k parts to remake the secret. Also known as the {k, n} limit system. If k= n, all
participants are required to disclose the secret.
The secret S is commonly part into n parts of information S1,S2, ... ,Sn, so that
• k - 1 or less Si shares are not sufficient to determine the secret (other than trying
out all options).
S1
S2
Secret S Secret S
S3
Sn
ion
tr uct
Divis ns
ion co
Re
14
1.3.2 Brink Secret Sharing
Under this framework, the message M is part into M1 parts, M2 parts, M3 parts, Mn parts,
with or without change of the message, so for a given k, (2 sections k),
2. Information of any k-1 or less Mi parts leaves M totally unsure (as in the entirety of its
potential qualities are similarly plausible).
A (k, n)- limit plan is considered such a plan. The limit worth is known as the parameter k-
n.
There may be situations in which all participants are unable to present concurrently,
in such conditions it is essential to bring together a defined amount of respondents to reveal
secrecy.
The primary problem of our thesis is to ensure secure communication and information
transfer using mobile agents. This can be achieved by stopping malicious access to data
conducted by the officer. The goal to be accomplished is to follow:
Chapter 1: Introduction
This segment gives brief presentation about the territory and issue definition, the area
likewise incorporates the inspiration and commitment of the thesis.
In this section a foundation subtleties and information of the exploration territory is being
advertised. To start with, it outlines the ongoing exploration thinks about on portable
specialist security and surveys some related past work.
15
Chapter 3: Methodology
So in my work I used Advanced Encryption Standard (AES) for encrypting and decrypting
the information and for securing the key we used shamir’s secret sharing scheme. This
approach provides better security to the mobile agent system as well as migration of mobile
agent.
In the main area of the part, the dataset is portrayed. At that point the parameters that are
utilized for the outcome assessment are talked about. After that the current and proposed
approach are thought about based on certain parameters. This investigation is appeared by
the table. The outcome demonstrates that the proposed work has higher Security lastly the
depictions of the GUI execution are exhibited.
In this thesis, the primary concern is security of versatile specialist during Migration
Process. Security is the most significant worry for any classified or mystery message.
Propelled Encryption is a system which is utilized for encryption and unscrambling of the
data or information and Shamir's Secret sharing plan is utilized for separating the mystery
key into n number of keys.
16
CHAPTER 2
LITERATURE REVIEW
2.1 INTRODUCTION
Portable specialist innovation has given a few dispersed applications major changes
over customary ways to deal with correspondence, for example, RPC, REV, and so on.
Security is the best issue that darkenes the profitable side of the portable operator
framework. As fast as the versatile operator moves from the home stage, he leaves control
of his proprietor, enabling him to assault (meddler, arrange sniffer, and execution).
One of the settings to create JAVA-based mobile agents is the IBM-Aglet or Aglet
Software Development Kit. These toolkits are open source freely accessible ; the recent
Aglet 2.5 alpha version. Good graphical user interface is given for the growth of agents. It
consists primarily of two Aglet Workbench and Aglet Building Environment (ABE)
packages.
2. Voyager
3. Springs
17
FIPA, a major drawback of SPRINGS, does not support agent communication. There are
also no sophisticated mechanisms for security. This platform does not provide user-based
graphics tools, but is still easy to use.
4. Grasshopper
5. JADE
18
Elements Contexts Servers Places Places Agencies
Agents(aglets) Agents Regions
Agents
Regions
(RNSs)-
Tahiti-Agents
Habitats
Platforms
Plugins
Mobility Aglet transfer Java Dynamic Dynamic Mobility
protocol object proxies Proxies through
series (mobility is (region Transfer
location server) control
wise) protocol
GUI Based Some No GUI GUI is there No GUI Some GUI
tools
Organization IBM Tokyo Object IKV++ Distributed Tromoso and
research space Information Cornell
Systems University
Group
Operating JDK 1.1.x on UNIX, Windows Linux Unix,Win95,
system used Win32, OS/ 2 Linux NT/ 9x, Win NT,
Warp Version Windows Solaris PDA systems
3 and 4, AIX Should run
4.x, Solaris on all
for SPARC. platforms
supporting
JDK 1.1
Programming JAVA 1.1 JAVA 1.1 JAVA 1.1 JAVA 1.1,1.2 C, Perl, Unix,
Languages used Tcl scripting
language
19
Proxy Yes Yes Yes Yes Yes
Synchronous Yes Yes Yes Yes Yes
communication
Movement by No No No Yes Yes
Name
Level of Very low High None High Very low
activity
During the past years security of mobile agent is the major topic of research in the field
of information security. Just of which many new methodologies are available for securing
the migration of mobile agents. The chapter outlined below offers a short overview of
different mobile agent migration safety methods.
M.Uddin et. al. [21] proposed a multi-layer versatile operator based system consented to
do numerous cloud tasks by both customer and cloud administration providers. Portable
specialists are utilized to direct obligations for the benefit of clients on virtual PCs in cloud
data focuses. Customers and cloud specialist organizations confirm and check these
portable operators to concur on explicit wellbeing related guidelines to do all exercises to
make a confided in stage. This procedure enables the two substances to assemble trust and
trust between themselves in the productive utilization of cloud administrations.
20
CLIENTS
MOBILE AGENTS
TASK MANAGER
VIRTUAL MACHINE
PHYSICAL MACHINE
L.Benachenhou [5] Proposed Protocol ensuring versatile operators for electronic business
applications from pernicious hosts attacks. By running his clone on confided in servers
related to the execution of the portable specialist, he utilized the reference execution
thought. This convention secures a portable specialist against alterations in code, execution
stream, data, and course. Moreover, these assaults square measure recognized about
continuously, the vindictive has square measure known and in this way the convention
proceeds to straightforwardly execute them to the client.
Protocol Security Protocol can detect and analyze the effectiveness of previously presented
attacks to identify malicious platforms.
Masquerade
Denial of service
Eavesdropping
21
Alteration
Ching Lin [20] displayed another method which alludes to as trust improved security, and
applies it to versatile operator based framework. This crisp strategy advances a change from
security-driven choices to trust-driven ones. This expands the conventional security
systems by permitting trust choices by expressly determining and overseeing trust
connections identified with security. Incorporating trust choices into the way toward
settling on security choices prompts expanded security execution in our trust. A formal
model of certainty is proposed and incorporated into the formation of another Mobile Trust
the executives design for portable specialist based applications and careful handy
investigations are done to survey and approve the rising attributes of the trust-upgraded
security strategy.
Fig 2.2 represents detailed conceptual view of the mobile trust architecture.
Agent Codifying
Authentication
Protection Trust
A Collecting
Authorization E Trust
+
Non-
repudiation F Trust Decision
+ D
Auditing
Security to
Trust
Feedback
J Feedback K
Fig. 2.2 A Detailed Conceptual View of the Mobile Trust Architecture, [20]
L.Ma et. al. [22] proposed an all-encompassing rudimentary item framework that is a P/T
system and article direction coupling. The procedure of the Reference Clone advances
feeble portability. Just as giving secure correspondence, the EEOS advances ground-
breaking versatility. Portable Agent and Execution Platform confirm the exchanges or
techniques. It likewise incorporates a way to deal with distinguish noxious assaults on
Execution Platform. This model must include greater security components which would
22
best fit into the nonexclusive model. Creator has built up a formal versatile operator
nonexclusive secure model. This model backings solid versatility as well as a portable
specialist's protected portability. Shared verification between a versatile operator and his
facilitating stage is accomplished in this model. In the meantime, all through the execution
of versatile operators, a police security framework works noxious stage assaults on portable
specialist code or execution stream. Displaying, recreating and breaking down a safe
portable specialist framework utilizing a naturally graphical formal strategy.
S.Venkatesan et al. [32] proposed an eXtended Root Canal Algorithm to help check the
trustworthiness of code and distinguish versatile specialist vindictiveness. An extended
adaptation of the Root Canal Algorithm (RC Algorithm) is the ERC Algorithm. The RC
Algorithm was utilized to check the trustworthiness of code of Mobile Agent. This strategy
has a low time multifaceted nature when contrasted with other contender procedures, for
example, Code on Demand and SeMoA. Pernicious Identification Policy (MIP)
significantly helps in ID of malevolent activities.The ERC calculation is time-complex and
space-complex effective. It additionally shields the Mobile Agent from all assaults other
than the replay assaults.
.P.Marikkannu et al. [23] actualized the Dual Check-Point Analysis system that locations
an explicitly piggybacking unidentified assault in which the noxious operator joins to the
portable specialist to assault either the versatile operator or the execution stage. It
safeguards an Authentication Table to confirm Mobile Agent's code trustworthiness and
legitimacy. The system is named Dual Check-Point Analysis since it checks the portable
operator as far as Digital Signature Verification at external entryway and as far as Size
confirmation too at inward door. This method gives a decent answer for the piggybacking
assaults. The proposed architecture to overcome the tailgating attack is shown in Fig. 2.3
Fragmentation
Fragmentation Defragmentation
Defragmentation
Authentication
Authentication
Check
Check Passage
Passage
Agent
Agent Generator
Generator
Authentication
Authentication Table
Table
Mobile Agent
Authentication Information Agent Entry
Agent Registration
23
S.Venkatesan et al. [33] executed the Mobile Agent model dependent on the Artificial
Immune System. The Protection Platform gives a spotless grouping of the division of
obligations and clones for managing remote specialists. It improves the framework's
processing abilities. In this methodology, the obligations are unmistakably partitioned;
hence assurance is given by just those operators who are equipped for recognizing
pernicious movement. This strategy drastically diminishes the expense of figuring. The
recommended model will give partition of obligations and clones so as to acquire
computational viability for the simultaneous treatment of different remote operators. The
test discoveries and the trial results demonstrated this recommended model would devour
less time contrasted with the present structures. It will identify the pernicious specialist by
separating and joining the examples with the malignant models accessible and can likewise
perceive the new noxious examples by following the application procedure.
Algorithm
Begin
5: End If
6: End For
24
8: Compare all the extracted patterns with the patterns with pattern knowledge base;
14: Unknown patterns will be moved to the malicious knowledge base and exit;
15: Else
16: Unknown patterns will be moved to the aglet functional pattern knowledge base and
exit;
17: End if
18: Else
19: Allow the agent to execute in the Genuine Agent execution environment;
20: End if
End
G. Geetha et al. [15] presented the Trust and Reputation Management structure for plotted
truncation assaults. The essential security spotlight is on the course pursued by the Mobile
Agent. A steering table with a notoriety based and trust-based safe way has been expected
for the Mobile Agent course. Moreover, cryptographic calculations were utilized to ensure
the portable operator's security. Mama data security, trust and notoriety the board (TRM) is
acquainted all together with give a sheltered course to free-meandering. TRM uses a trust-
based steering table that has a trust and notoriety esteem. Secure steering averts different
sorts of assaults, particularly conspired truncation assaults. To guarantee properties, for
example, privacy, respectability, and so forth., cryptographic calculations are utilized. In
this way, the free-meandering MA gathers data safely and effectively from different remote
hosts.
25
Y.F.T.L.Chen et al. [9] presented the Hierarchical Key Management Scheme to lessen the
unpredictability of key administration by a Mobile Agent, since versatile operator has the
heap of being moved from framework to framework. They have utilized Elliptic Curve
Cryptography to expand the security. In this manner it helps the presentation of versatile
operator on the grounds that the overhead of transmitting the key is diminished. The keys
naturally get changed by time. This is exceptionally basic in light of the fact that at some
other minute a Mobile Agent who approaches a particular asset might not approach that
asset. Thusly, specialists can get to assets just when they are allowed to get to. This
methodology is resistive to turn around assault, outer aggregate assault, conspiracy assault
and date modification assault.
S.Srivastava et al. [31] proposed Self-Reliant Mobile Code, a joint effort of different
classification, uprightness and self-security strategies. An unconstrained symmetric key
calculation dependent on Petri net was formalized by the creators. One of the key parts is
safely dispersed and another key segment is determined at runtime or at execution time
from the information gathered. The crucial development squares of our convention depend
on a secrecy and self-assurance technique dependent on wellbeing driven by the operator.
During its usage, the general idea driving self-assurance is to make portable specialist less
intuitive. We are building up a new thought for the segment portion of symmetric key to
achieve specialist driven security, whereby a principle component is securely conveyed and
other significant components are gotten from guaranteeing the honesty of data assembled at
runtime.
Petri net with EEOS: Petri net procedure is presently developed enough to show
frameworks in a wide locale of programming building since formalism is regularly used to
demonstrate disseminated and concurrent framework. Because of the nonattendance of
compositionality attributes in Petri systems, in most recent years object-arranged
innovation has been joined with Petri organizes as compositionality is the primary intensity
of this innovation. Fig.2.4 speaks to the essential petri net model.
26
Input Output
Place Pi Place Pj
Tokens
Place
Transition
Arc
27
clarification.
Malicious Pirated Entry, ERC Algorithm, -Small Time and
Availability and masquerading, MIP Capacity Intricacy
Code Test alteration
Test[33]
Dual Audit Point Attend Electronic Signature - Great answer for
[23] Piggybacking
Attacks.
AIF[33] Pirated Entry, Arrangement - Definitely
Masquerading Matching decreases
computational
expense
Faith and Character Character, Classic - Successful system
Administration[15] Adjustment and Cryptographic for plotted
Overhearing System: RSA. truncation assaults.
Stratified key Adjustment and ECC - Resisting
Administration [9] Overhearing reversal attacks,
Collective
external attacks,
attacks on
collusion and
attacks on data
alteration.
Surrogate Signature Pirated Entry Trip Executer - Successful if
aggrement[37] and just if the
Execution
Platform isn't
undermined
2.4 SUMMARY
We came across through literature survey about many limitation and security
issues that make information carried by mobile agent unsecure. Many researchers
have used RSA for ciphering the mobile agent’s data. Although AES has considered
being a fast algorithm, but it is not been used in agent based environments. In our
dissertation work we will prevent our data from malicious access by using AES and
RSA, and finally we will compare their performance.
28
CHAPTER 3
PROBLEM DEFINITION
3.1 INTRODUCTION
Portable Agent could be a sensibly program that moves type one host to an alternate
during a dispersed system versatile specialist has a few favors over existing disseminated
strategies like asset usage, diminished system traffic and so forth.
A product specialist is a program that helps people and follows up for their benefit from
the end-client see. Specialists work by empowering them to delegate employment to
individuals. It is a property shared by all authorities that they live in some setting. They
have the ability to impart and follow up on their execution setting no concurrently and self-
sufficiently. Nobody is expected to give information to the operator or eat any of its yields.
The specialist demonstrations just to accomplish his own objectives on a proceeding with
premise.
29
b. Autonomous: has command over its own behavior.
c. Goal driven: is ace dynamic.
d. Temporally continuous: is consistently executing.
and may have any of the accompanying symmetrical properties:
a) Communicative: have the option to speak with different operators.
b) Mobile: can make a trip starting with one host then onto the next.
c) Learning: adjusts as per past experience.
d) Believable: seems convincing to the end-client.
There are numerous issues in systems like low transfer speed, slow information rate
and data are not protected attributable to open flag in the versatile specialist based
correspondence plot. Any operator can move their preparing to the host in pernicious host
issue and the client can not keep the host to defend it from malevolent availability. A
straightforward model how malevolent host can influence any program, for example, a hunt
operator has been conveyed to discover the contact number of any individual. An operator
stores some underlying data that is required during the handling, for example, name of the
individual and it is to be conveyed to discover the contact number of that individual. The
official should visit every hub and inquiry their database for that result. A vindictive host
may meddle by deleting the majority of the specialist's accumulated information or by
giving an off base sum. There are additionally some different issues with the specialist
based correspondence plot, for example, malevolent operator, which likewise stances issues
in the correspondence plan arranged on versatile specialists. In a similar way as versatile
host, malevolent specialist can impact the framework and it is likewise a kind of infection
that can crash the portable host.
30
CHAPTER 4
PROPOSED WORK
4.1 INTRODUCTION
Developing agents and their broad use needs excellent infrastructure underlying
them. Literature study shows scarcity of instruments for agent growth in original years of
studies that restricted the use of this useful technology. However, a good sort of tools
square measure obtainable to make robust infrastructure.
31
tools to monitor and manage the running agent's activity. Now and then specialists
incorporate calculations of man-made reasoning to make them more brilliant. JADE is a
consistent dependent on FIPA. Specialists are made and put away in a compartment store.
Operators have source and host delivers to enable them to relocate from host to have.
Specialists have metadata cradle to store. They additionally have a one of a kind character
to separate between all specialists. It depicts the stage with three noteworthy offices. It
comprises of AMS, DF (Directory Facilitator) and ACC (Agent Communication Channel).
At the point when the specialist stage is started, all these three operators are naturally
enacted. DF and AMS are responsible for managing the agent. Fig 4.1 represents the JADE
architecture.
Software
Agent
Agent Platform
Agent
Directory
Management ACC
Facilitator
System
The ADE Agent Platform incorporates the Agent Management System (AMS), the
DF (Directory Facilitator) and the ACC (Agent Communication Channel). Toward
the start-up of the specialist stage, all these three operators are naturally enacted. DF
and AMS are in charge of dealing with the specialist.
It is a disseminated operator stage that can be isolated into different hosts. For a
solitary Java application, a solitary Java Virtual Machine is performed on each host.
Specialists are actualized as one Java string and Java occasions are utilized on a
similar host to impart adequately and lightweightly between operators. In a
progressively viable JVM correlation, JADE is arranging these assignments for
strings.
32
In order to execute multi-domain apps, variety of DFs (Directory Facilitator) will be
begun at runtime.
The JDBC API might be a Java API on the server feature acclimated produce a
Java-database correspondence. You can execute SQL articulations in the java program
utilizing the JDBC API client, recover the discoveries gained and alter data sources to
refresh the database.
In Java JDBC, the item class Driver Manager is utilized to interface the application
to the JDBC driver. The Driver Manager is extremely little in size and simple to work and
furnishes these three programming exercises with its significant capacity in the JDBC
engineering.
33
CHAPTER 5
RESEARCH METHODOLOGY
5.1 INTRODUCTION
I have proposed a secure communication model for mobile agent data and
information transfer. In our dissertation work, we have provided security at transport layer.
This can be done by securing information of agent using encryption technique thus
preventing transport layer from malicious attacks. Fig. 5.1 represents the secure agent
communication-
34
Cipher
Text
Agent
A
Encry AT Receiver
p eD
tion u
s cur
ing A
ES Se
Network
Cipher
Se
Text
cu
Server
re
D
A
TA
Plain Text
before
Encryption
Receiver
Many scientists have given distinct alternatives to safeguard the agent's data, as we
discussed in Chapter 2, but scientists are still worried about it. We have introduced security
protocol in our dissertation work to provide protection for mobile agents against various
threats / attacks. Mobile agent's migration property that helps agent move to different
remote locations makes this architecture of communication superior to others. Our study
work offers safety for mobile agents during communication or execution, thus focusing on
confidentiality. We have provided transport layer protection using AES Algorithm and For
Key Security we have used Shamir’s secret key Scheme.
35
5.3.1 Building an Agent and dumping
1. Ready for dumping: Before the mobile agent is disposed of, the agent gives the
opportunity to complete its current task.
In any versatile host, portable operator can move around and the versatile specialist
itself gives this moving guidance. The exchange procedure is performed by dispatch, move
operator from their present spot (beginning versatile host) and acquired by the specific spot.
On the off chance that we need to move versatile operators starting with one area
then onto the next, at that point portable specialists should probably distinguish their
portable host goal. On the off chance that the goal of the portable host isn't characterized,
the goal operator will choose its keep running in the default area. Versatile specialist
framework offers information that operator needs to go to the area of the portable operator.
This message is transferred between the specialist and the operator framework through an
inner API. At the point when the operator framework gets the solicitation for an outing
from the specialist, the accompanying ought to be finished.
36
Swing the agent
Resister the agent
Decrypt the registered agent
Relocate the agent
Before acquiring any versatile operator, the static portable specialist decides if this
specialist is worthy. That is the reason the static versatile specialist needs the coming
operator validation. After that dynamic versatile specialist gives it is confirmed and on the
off chance that it is right, at that point the dynamic portable operator is executed so that the
accompanying advances occur.
Without the presence of its class, the mobile agent can not resume execution in the
destination. Coming up next are the approaches to make the goal motor class accessible.
Fig 5.2 represents the class transfer for the mobile agent during the task execution.
37
Server
Class Code
Origin Destination
Agent Agent
Specialists can speak with different officials. These different specialists may dwell
in a similar spot or somewhere else. Informing specialists are either distributed or
communicated. In the distributed correspondence framework, just two hosts trade
information. Despite what might be expected, telecom is one of many informing
frameworks. The telecom framework is useful in multi-specialist frameworks. Three kinds
of correspondence plans pursue:
Data encryption is performed using the AES algorithm. The data is in a text file
format. The data sent by an agent is secured by encrypting it and decrypting it using key by
the receiving agent. Below are the algorithms brief discussion and their work:
38
AES Algorithm
Encoding is a common method that plays a key role in defending information from
intruders. To provide the best security, AES algorithm uses a specific structure to encode
information. It depends on a number of rounds to do so and consists of four sub-processes
in each round. AES provides us with 16, 24, 32 bytes key length. We used the main
duration of 16 bytes. Fig 5.3 represents the general structure of the AES algorithm.
Plain Text
K0
Round-1
Key
K1
Expansi
on
Round-2
K2
Round n
Kr
Cipher Text
The process of encryption in AES uses derived key sets, called round keys.
Together with some other activities, these keys are introduced to the information set that
will be encrypted. This is called the state array. To encrypt a data block (128 bit) using
AES, the following steps were taken:
Step: 1 gotten the round keys from the primary figure key.
Step: 3 Added the starting state array to the first round key.
39
Step: 4 performed nine rounds for manipulation of state.
Step: 5 performed the final and last round for manipulation of state.
Step: 6 copied the final state array out as the cipher text.
The tenth round is manipulated slightly differently from others. That's why they
differ from the tenth final round in the first nine rounds. Each round has its own round key,
obtained from the 128-bit encryption key that was originally used. There are four steps in
each round. One of the four round main steps conducts government array XORing.
The AES Key expansion algorithmic program derives a spherical main of sixteen
bytes for every spherical. It’s no heritable from the encoding key of the main sixteen bytes.
Here's the logic; if you change 1 bit of encipher key, several rounds will create a difference
in round numbers. First of all, as shown below, the algorithm arranges the 16-byte
encryption key in a 4-volume array.
Here the words [w0 to w3] are bitwise XOR’ed with the input block of data before the
round processing starts.
Fig 5.5 shows the round key generation for the AES algorithm.
40
W0 W1 W2 W3 g
+ + + +
W4 W5 W6 W7 g
+ + + +
W8 W9 W10 W11
Any vendor agent wishing to communicate with the client agent will encrypt their
data. Therefore no other vendor could know the price mentioned by the other.
Consequently, no unauthenticated person could manipulate, delete or read the data. Use
private key to decrypt the information when the customer receives the price list of all the
vendors.
In encryption mode, the initial keys added to the input value at the terribly starting,
that is termed an initial spherical. This is followed by nine iterations of a traditional
spherical and finishes with a finishing spherical rather altered. The following order is
conducted throughout one of the traditional activities: Sub Bytes, Shift Rows, Combine
Columns, and Add Round Key. The ultimate spherical may be a traditional spherical while
not the mix Columns stage. The first round process is depicted below in figure: 5.6
41
Cipher Text Plain Text
Ko(128 bits)
ADD ROUND KEY
Sub Bytes
Shift Rows
Round 1
Mix Columns
K1(128 bits)
ADD ROUND KEY
The first phase of each spherical begins with the conversion of SubBytes. This
phase is dependent on nonlinear S-box replacing a byte to a distinct byte within the state.
Consistent with diffusion and confusion Shannon’s principles for cryptographic algorithm
design its vital roles to get far more security. For instance in AES if we've got hexa 53
within the state, it has to exchange to hexa ED. ED created from the intersection of 5 and 3.
For remaining bytes of the state need to perform this operation.
(ii) Shift Rows
Every one of the four columns of the lattice is moved to one side. Any sections that
'tumble off' are re-embedded on the correct part of line. Move is administered as pursues
42
(iii) Mix Column Transformation
The sixteen bytes of the framework square measure by and by idea of to be 128 bits
and square measure XORed to the 128 bits of the circular key.If this is frequently the last
round, the figure content will be the yield. Something else, the subsequent 128 bits are
comprehended as sixteen bytes and that we start another comparable round.
In decoding mode, the activities in encryption mode are in inverse order relative to
their order. Therefore it starts with associate degree initial spherical, followed by nine
iterations of an inverse traditional spherical and ends with an AddRoundKey. An inverse
traditional spherical consists of the subsequent operations during this order: AddRoundKey,
InvMixColumns, InvShiftRows, and InvSubBytes. an initial spherical is an inverse
traditional spherical while not the InvMixColumns. Figure: 5.7 represent the general
structure of Decryption-
43
Plain Text
Decryption Round
InvMix Coulmns
InvSub Bytes
InvShift Rows
Cipher Text
For share development, edge (k, n) and mystery esteem S is required. At that point
polynomial work of a request (k-1) is developed as appeared in condition.
In above equation, constant term d0 is replaced with secret value S. the opposite
coefficients like, d1, d2 , …, dk-1 are any random values. Secret shares are the pairs of
values (xi , yi ), where yi=f(xi ) for 1 ≤ i ≤ n and 0 < x1 < x2 . . < xn < n -1.
44
During mystery re planning any k offers are gathered. At that point, mystery worth
is processed misuse Lagrange's interjection equation. Condition demonstrates the
Lagrange's insertion equation which supplies polynomial works.
∑ ( )
The steady term in condition f(x) is our unique mystery esteem. Condition can be
additionally rearranged as entire condition isn't required. Streamlined condition is appeared
in condition which legitimately gives consistent term for example mystery esteem S
∑ ( )
Fig 5.6 represents the proposed processing architecture for the mobile agent.
Ciphertext
Plaintext Plaintext
Sender
Sender Encrypt Recipient
Recipient
Decrypt
5.7 SUMMARY
This Chapter explains the proposed security design for verifying the portable
operator during the movement procedure. AES Approach is utilized for encoding and
45
Decrypting the data which is send by the client through the portable specialist and Shamir's
mystery sharing plan is utilized for verifying the private key which is required to get to the
data.
46
CHAPTER 6
6.1 INTRODUCTION
Container Information
The essential tools for any Java developer, including a Java IDE, a CVS client, Git
client, XML Editor, Mylyn, Maven integration and WindowBuilder
47
Installing NetBeans is relatively straightforward, it is suggested that you install Java
Development Kit (JDK) for Java programming first. Installer "NetBeans IDE" from
http:/netbeans.org/downloads/index.html after this downloads. A lot of "bundles" are
accessible. Select the first entry "Java SE" for beginners. Run the downloaded installer in
the final phase.
2. Delete the installation directories of the IDE and the GlassFish application server.
3. On the Windows platform, delete all nbi* registry entries from the following
registry Key:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Un
install
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Unin
stall
48
CHAPTER 7
ANALYSIS OF MODEL
7.1 INTRODUCTION
7.2 ENCRYPTION
The data is encrypted before migrating by sender agent as shown below in fig 7.1 and 7.2:
49
Fig. 7.2 Encryption Sender Side
Plain Text: hello uttam this side this is version 2. this is better version.
Here any malicious agent cannot read the file as it is in encrypted format. The agent
who knows the key can only decrypt the file. It thus improves the confidentiality of the
information of the sender. We've also overcome the danger of unlawful access and Middle
Attack Man.
50
Table 7.1: Encoding Time of AES for Various File Sizes
ENCRYPTION TIME
File Size AES (Seconds)
(Bytes)
10 0.63
20 0.44
30 0.39
40 1.14
50 0.37
60 0.42
70 0.38
80 0.08
90 0.46
100 0.34
110 1.16
120 0.55
The graph of encryption time taken by the algorithm for different file sizes is shown
below fig 7.3. We have observed that for any file size, AES takes less time for encryption.
51
AES Encryption Algorithm
7.3 DECRYPTION
On receiver side the data is decrypted by receiver agent using the decryption key.
The received data after decryption is shown in the output console. Decryption process of
received data is shown in below fig 7.4.
52
Fig. 7.4 Decryption on Receiver Side
The data can be decrypted by those agents who have the key. The decryption is also
done by the AES algorithms.
Time taken by AES algorithm to decrypt the data for different file size is given in below
Table 7.2.
Decryption Time
53
60 1.13
70 0.41
80 0.41
90 0.75
100 0.38
110 0.62
120 0.45
The graph of AES on the basis of time taken to decrypt the files of different
sizes is shown below fig. 7.5:
54
the constant term is the secret key. This can be done with the simple random integers
function and the coefficients can be stored in an array. Fig. 7.6 shows the working process
of shamir’s secret sharing scheme.
55
CHAPTER 8
SNAPSHOTS
In this chapter the previews of GUI are introduced which gives the consequence of
entire procedure just as abridges the usage part of the proposed methodology.
56
Fig. 8.2 Shows the Encryption Process of the data.
57
Fig. 8.3 Shows the Decryption process for the received data or information.
58
Fig. 8.4 shows the Home Page of the application.
59
Fig. 8.5 shows the credential page for the user or client.
60
Fig. 8.6 shows the options available for the user after successful login.
61
Fig. 8.7 shows the options availble for the authorized party after successful login.
62
Fig. 8.8 shows the Secret Key Sharing for verification of the sent data or information.
63
CHAPTER 9
CONCLUSIONS
In this dissertation, I concern the security issues of mobile agent system during its
migration process. I proposed the Mobile Agent-based Communication Security
Architecture Framework and halfway execution of the framework. The plan is extremely
broad, making it simple to coordinate into other portable specialist frameworks.
Progressively about our attention is on an application-layer security for specialist based
correspondence to end validation and classification of information between versatile
operators. To verify versatile operators, we recommended a two-way verification
convention. This arrangement can be executed in aglet (Java-based innovation) without
changing the fundamental conventions and correspondence framework for versatile
specialists. The key research findings are as follows:
Using AES enhanced the security of mobile agent and reduce the complexity of the
platform. AES provides better encryption and decryption of data than any other algorithm
does. By using shamir’s secret sharing plan security of private key enhanced and loss of
data prevented in a better way. AES is relatively fast, it can done both operation encryption
as well as decryption.
64
CHAPTER 10
FUTURE DIRECTIONS
The security architecture we have made with regard to programming, i.e. code
writing, is still partial in its implementation. It is a result of the way that portable specialist
security is excessively thorough and too enormous to be in any way finished in the theory
of an ace. Since our proposal work is related with security calculations, it is commonly
founded on the pertinence of the date of the present framework, so it might be
fundamentally reliant on the date. To underline and attempt to finish this advanced
undertaking just as limit the date reliance would be the test of right now. This is beginning
to implement security on the transportation layer data of agents. Although the work is a
start-up of mobile agent-based communication that we provided in this thesis, we planned
to expand the work for multi-agent-based communication and multi-platform
communication. We also planned to work on detecting intrusion in agent-based
environments.
65
REFERENCES
[1] A.Ghaffari. "Vulnerability and Security of Mobile Ad Hoc Networks.” Proceedings of the 6th
WSEAS International Conference on Simulation, Modeling and Optimization, (2006): pp. 124-
129
[2] A. Shamir. “How to Share a Secret.” communications of ACM, vol.22, no. 11(1979): pp. 612-
613.
[3] P. Ahuja and V. Sharma. “A Review on Mobile Agent Security.” International Journal of
Recent Technology and Engineering, vol. 1, no. 2(2012): pp. 83-88.
[4] F. Bellifemine, G. Caire, A. Poggi and G. Rimasa. “JADE: A White Paper.” Available:
http://exp.telecomitalialab.com, vol. 3, no. 3(2003)
[5] L. Benachenhou and S. Pierre. “Protection of mobile agent with a reference clone.” Computer
Communications, vol. 29(2006): pp. 268-278.
[6] B. Bhatia, M.K. Soni and P. Tomar. “Vulnerability Analysis of Mobile Agent Praxis in Mobile.”
International Journal of Computer Applications, vol. 163, no. 7(2017): pp. 58-65.
[7] Bing Wu, J. Chen Jie Wu and M. Cardei. “A survey of Attacks and Countermeasures in Mobile
Ad Hoc Networks.” Wireless Network Security, Springer US (2007): pp. 103-135.
[8] D. Camacho, R. Aler, C. Castro and J. M. Molina. “Performance Evaluation of Zeus, Jade and
Skelton Agent Frameworks.” IEEE SMC, vol. 2(2002): pp. 210-216.
[9] Y.F.T.L. Chen. “An efficient date-constraint hierarchical key management scheme for mobile
agents.” An International Journal of Expert Systems with Applications, vol. 37, no. 12(2010):
pp. 7721-7728.
[10] C. Chowdhury and S. Neogy. “Securing Mobile Agent in MANET Against Attacks using
Trust.” International Journal of Network Security & its Application, vol. 3, no. 6(2011): pp.
259-274.
[11] Dr. T. M. Ahmed. “Increasing Mobile Agent Performance.” Journal of Object Technology,
vol.6, no. 4(2007): pp. 125-140.
[12] N. Garg and R.P. Mahapatra. “MANET Security Issues.” International Journal of Computer
Science and Network Security, vol. 9, no. 8(2009): pp. 241-246.
[13] C. Garrigues, S. Robels, J. Borrell and G. Navarro-Arribas. “Promoting the Development of
Secure Mobile Agent System.” Journal of System and Software, vol. 83, no. 6(2010): pp. 959-
971.
[14] C. Garrigues , N. Migas, W. J. Buchanan and S. Robles. “Protecting Mobile Agent from
External replay Attacks.” Journal of System and Software, vol. 82(2009): pp. 197-206.
[15] G. Geetha and C. Jayakumar. “Implementation of Trust and Reputation Management for Free-
Roaming Mobile Agent Security.” IEEE Systems Journal, vol. 9, no. 2(2015): pp. 556-566.
[16] D. Horvat, D. Cvetkovic, V. M. Milutinovic and P. Kocovic. “Mobile Agents and Java Mobile
Agent Toolkits.” In Proceeding of 33rd Hawaii IEEE International Conference on System
Sciences (HICSS), pp. 1-10. IEEE, 2000.
[17] G. Kastidou, E. Pitoura and G. Samaras. “A scalable hash-based mobile agent location
mechanism.” In 23rd International Conference on Distributed Computing Systems Workshops
Proceedings, pp. 472-477. IEEE, 2003.
[18] Katiyar. “Wireless sensor network System Powered by Sensor Security Using
Steganography.” proceeding of IEEE Transaction, Second International Conference on
Emerging Applications of Information Technology, pp. 288-291. IEEE, 2011.
[19] Lange and Oshima. “Mobile Agents with Java: The Aglet API.” World Wide Web, vol. 1, no.
3(1998): pp. 111-121.
[20] C. Lin and V. Varadharajan. “MobileTrust: a trust enhanced security architecture for mobile
agent systems.” International Journal of Information Security, vol. 9, no. 3(2010): pp. 153-
178.
66
[21] M.Uddin, J. Memon, R. Alsaqour, A. Shah and M.Z.A. Rozan. “Mobile Agent based multi-
layer security framework for cloud data centers.” Indian Journal of Science and Technology,
vol. 8, no. 12(2015): pp. 1-10.
[22] L. Ma and J.J.P. Tsai. “Formal Modeling and Analysis of a Secure Mobile-Agent System.”
IEEE Transactions on Systems, Man, and Cybernetics - Part A: Systems and Humans, vol. 38,
no. 1(2008): pp. 180-196.
[23] P. Marikkannu, A. Jovin and T. Purusothaman. “A Secure Mobile Agent System against
Tailgating Attacks.” Journal of Computer Science, vol.7, no. 4(2011): pp. 488-492.
[24] Mudumbai, Srilekha S., Johnstone, William, Essari and Abdelilah. “Anchor Toolkit-A Secure
Mobile Agent System.” Lawrence Berkeley National Laboratory, june-2008.
[25] G. Naguyen, T.T. Dang, L. Hluchy, M. Laclavil, Z. Balogh and I. Budinska. “Agent Platform
Evaluation and Comparison.,” Institute of Informatics, Solvak Acadamy of Sciences, 2002.
[26] N. Borselius. “Mobile agent Security.” Electronics & Communication Engineering Journal,
vol. 14, no. 5(2002): pp. 211-218.
[27] R.Bindhu, “Mobile Agent Based Routing Protocol with Security for MANET.” International
Journal of Applied Engineering Research Dindigul, vol. 1, no. 1(2010): pp. 92-101.
[28] Reiser and Vogt. “Security requirements for management systems using mobile agents.” in
Proceeding of the Fifth IEEE Symposium on Computers and Communications. pp. 115-121,
IEEE, 2000.
[29] S.L. Shans, “Mobile Agent Protection with Self-Modifying Code.” Journal of Signal
Processing System, vol. 65, no. 1(2011): pp. 105-116.
[30] G. Samaras, M.D. Dikaiakos, C. Spyrou and A. Liverdos. “Mobile agent platforms for Web
databases: a qualitative and quantitative assessment.” In IEEE Proceedings First and Third
International Symposium on Agent Systems Applications, and Mobile Agents, pp. 50-64. IEEE,
2002.
[31] S. Srivastava and G.C. Nandi. “Self-reliant mobile code: a new direction of agent security.”
Journal of Network and Computer Applications, vol. 37(2014): pp. 62-75.
[32] S. Venkatesan, C. Chellappan and P. Dhavachelvan. “Advanced mobile agent security models
for code integrity and malicious availability check.” Journal of Network and Computer
Applications, vol.33, no. 6(2010): pp. 661-671.
[33] S. Venkatesan, R. Baskaran, C. Chellappan, A. Vaish and P. Dhavachelvan. “Artificial
Immune System based mobile agent platform protection.” Computer Standards and Interfaces,
vol. 35, no. 4(2013): pp. 365-373.
[34] S. Vitabile, V. Conti, C. Militello and F. Sorbello. “An Extended JADE-S Based Framework
for Developing Secure Multi-Agent Systems.” Computer Standards and Interfaces, vol.
31(2009): pp. 913-930.
[35] W.A.Jansen. "Mobile Agents Security." Journal of Computer applications, vol. 23, no.
17(2000): pp. 1667-1676.
[36] T. Wang, Sheng-Uei Guan and T.K. Chen. “Integrity Protection for Code-On-Demand mobile
agent in e-commerce.” The Journal of System and Software, vol. 60, no, 3(2002) pp. 211-221.
[37] X. Hong, “Efficient Threshold Proxy signature Protocol for Mobile Agent.” An International
Journal of Information Science, vol. 179, no. 24(2009): pp. 4243-4248.
[38] H. Yang, H. Luo, Fan Ye, S. Lu and L. Zhang. “Security in Mobile Ad Hoc Networks:
Challenges and solution.” IEEE Wireless Communications, vol. 11, no. 1(2004): pp. 38-47.
[39] Zakerolhosseini and Nikooghadam. “Secure Transmission of Mobile Agent in Dynamic
Distributed Environment.” Wireless Personal Communications, vol. 70, no. 2(2013): pp. 641-
656.
[40] Zhou and Haas. “Securing Ad Hoc Networks.” Special Issue on Network Security, vol. 13, no.
6(1999): pp. 24-30
67
LIST OF PUBLICATION
68
Curriculum Vitae
EDUCATION
RESEARCH INTREST
PUBLICATIONS
Uttam Upadhyay, Pradeep Kumar and Deepti Aggarwal, “Software Mobile Agent
Migration: A Review”, Journal of Emerging Technologies and Innovative Research,
6(4), pp no. 25-32, 2019
TECHNICAL SKILLS
LANGUAGES
English: Proficient
Hindi: Fluent
69